- I had a lot of fun with Datasette in December.
- This is a tool that got added to my Toolbox for sure: it's awesome and rather versatile.
- I took a quick look at no-code development with AppSheet.
- I improved my tools for authentication-related testing.
- I have some new favorite free web development resources:
- Tailwind Palette
- I have some new favorite free Kubernetes development resources: Okteto and Krucible are among my favorites.
- A few quick notes from the Implement DevOps in Google Cloud course and the Cloud SQL quest. CodeLabs
- I'm taking notes as I start working through Building Git: it's fantastic so far and came highly recommended by a trusted colleague.
- one last blog post: https://brie.dev/2022-tools-added-to-toolbox
- Wickedblocks - A free collection of Tailwind blocks & components
- The Practical Engineering blog
- Ansible Integration Guide
- Logfile Navigator -
- A goode guide for using Let's Encrypt's DNS challenge that works well today: https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-dns-validation-with-acme-dns-certbot-on-ubuntu-18-04
- Raw Graphs
- Kubernetes clusters for testing and development
krucible create cluster --duration 1to create a cluster that gets cleaned up in one hour.
- Ancientt - A tool to automate network testing tools, like iperf3, in dynamic environments such as Kubernetes and more to come dynamic environments.
- Introduction to YAML: Creating a Kubernetes deployment
- Using Log4brains for tracking Architecture Decision Records
- Google Cloud standards
Read more on my Authentication page.
- SAML Test SP
- Test SP
- OneLogin SAML Developer Tools
- Stub IdP
Unsolicited SAML responses AKA IdP-initiated SSO
- Quick overview of Unsoliticted Responses
- Deep Dive on Unsolicited SSO Configuration
- SAML for Web Developers
- The SAML Python 3 toolkit
- Has a demo Flask app
SAML Python toolkit lets you turn your Python application into a SP (Service Provider) that can be connected to an IdP (Identity Provider).
In production also we highly recommend to register on the settings the IdP certificate instead of using the fingerprint method. The fingerprint, is a hash, so at the end is open to a collision attack that can end on a signature validation bypass. Other SAML toolkits deprecated that mechanism, we maintain it for compatibility and also to be used on test environment.
OneLogin SAML toolkits work with AD-FS. In order to ensure they work properly, make sure you select SHA1 instead of SHA256 as the hashing algorithm in AD-FS.
- SuperTokens looks interesting
I'm looking for more good examples of SAML SPs that meet these criteria:
- are free/have a free tier
- can be self-hosted (not a hard requirement)
So far, the options that seem to meet my requirements are:
A place to look (that's mostly paid):